How to Integrate SonarCloud with Jenkins | Jenkins SonarCloud Integration | Automate Static Code Quality Analysis with SonarCloud from Jenkins

Automate Static Code Quality Analysis with SonarCloud from Jenkins

Pre-requisites in SonarCloud:

• Login to https://sonarcloud.io/, click on login.

Depending on your SCM tool, please click on it.

Enter GitHub credentials to setup your account in SonarCloud.

click confirm to grant access to SonarCloud.

You need to login to SonarCloud using your credentials. Go to https://sonarcloud.io/account

After login, click on Admin on your top side.

Click on My Account, Security. 

Under Tokens, Give some value for token name and choose Global analysis token, click on generate Tokens. Copy the token value generated.

note down org key as well under My Organization:

Pre-requisites in Jenkins:

After setting up SonarCloud successfully, login to Jenkins. Manage Jenkins --> Configure System --> SonarQube installation 

Server URL should be https://sonarcloud.io/

Enter Sonar credentials as secret text and select it from the drop down

 

Jenkins Pipeline code for running scan in SonarCloud

node {

    def mvnHome = tool 'Maven3'
    stage ("checkout")  {

        git branch: 'main', credentialsId: '', url: 'https://github.com/akannan1087/my-javawebapp-repo'

    }

   stage ('build')  {
    sh "${mvnHome}/bin/mvn clean install -f MyWebApp/pom.xml"
    }

     stage ('Code Quality scan')  {
       withSonarQubeEnv('SonarCloud') {

            sh """

              ${mvnHome}/bin/mvn -f MyWebApp/pom.xml \

             org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121:sonar \

              -Dsonar.organization=org_key \

              -Dsonar.projectKey=com.dept.app:MyWebApp \

              -Dsonar.projectName=MyWebApp

            """

        }
   }

}

Now login to SonarCloud under --> https://sonarcloud.io/projects

Here is the pipeline view: